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BACKGROUND OF THE INVENTION 

1. Related Applications 

This application is a continuation of U.S. Patent Application Serial No. 09/270362, 
filed March 16, 1999, entitled, "Verification of Server Authorization to Provide Network 
Resources," now U.S. Patent No. 6,304,969, issued on October 16, 1999, which is hereby 
incorporated by reference. 

2. The Field of the Invention 

The present invention relates to systems and methods for verifying the authorization 
of a server to provide network resources to a client. More specifically, the present invention 
relates to systems and methods whereby the client compares a random number encrypted in 
a message sent to the server with a random number encrypted in a message sent to the client 
from the server, wherein the client determines that the server is authorized if the random 
numbers are the same, 

3. The Prior State of the Art 

During recent years, the use of computer networks to distribute information to users 
has increased dramatically. For example, the Internet is currently used for many purposes, 
including electronic commerce, delivery of news, entertainment, and education, to name just 
a few. Many Internet service providers ("ISPs") and content providers have found that 
accurate identification of users is necessary to support subscription services. When a client 
establishes communication with an ISP, the server at the ISP typically verifies that the client 
is recognized as one that has duly subscribed to the Internet service. Likewise, many World 
Wide Web ("Web") sites are available to users by subscription only. When a client attempts 
to access a subscription-based Web site, the client may be prompted to verify that it is 
authorized to receive content from the site. 
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Verification of the identity of clients has been accompUshed in many ways. A 
simple example involves the client transmitting to the server a user name and a password 
that has been previously registered with the server. If the user name and password match a 
registered user name and password stored at the server, the client is allowed access to the 
network resources. More advanced security systems include, for example, transmitting a 
client machine identifier from the client to the server or other techniques whereby 
information associated with the client verifies the identity of the client. 

Verifying the identity and authorization status of clients allows ISPs and content 
providers to collect subscription fees fi-om users. Without a reliable system to verify 
authorization of clients, non-authorized users could access service, and legitimate users may 
have little incentive to pay for service. 

There are some network configurations and business models that require security 
measures beyond the typical client-identification strategies described above. In some 
instances, it is desirable to identify the authorization of the server to provide network 
resources to the client. For a variety of reasons, suppliers or manufacturers of certain client 
systems may desire to allow only selected servers to provide network resources to their 
client systems. In one example, a provider of enhanced Internet, television, or other 
information or entertainment services may develop a client system specifically designed to 
receive its information or entertainment resources. In this example, the supplier of the client 
system can be seen primarily as the provider of the information or entertainment services, 
while the client system can be seen as a tool allowing users to gain access to the provider. 

The traditional security strategy of providing user names, passwords, or other 
identifiers is inadequate when applied to the verification of authorization of a server to 
provide network resources. As can be easily understood, simple identifiers are not readily 
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